Zend Framework before 2.4.9, zend-framework/zend-crypt 2.4.x before 2.4.9, and 2.5.x before 2.5.2 allows remote attackers to recover the RSA private key.
References
Link | Resource |
---|---|
https://framework.zend.com/security/advisory/ZF2015-10 | Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=1283137 | Issue Tracking Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2017-10-10 09:29
Updated : 2017-11-05 13:23
NVD link : CVE-2015-7503
Mitre link : CVE-2015-7503
JSON object : View
CWE
CWE-320
Key Management Errors
Products Affected
zend
- zend_framework